52#if !defined(MBEDTLS_CONFIG_FILE)
55#include MBEDTLS_CONFIG_FILE
58#if defined(MBEDTLS_ECJPAKE_C)
65#if !defined(MBEDTLS_ECJPAKE_ALT)
68#define ECJPAKE_VALIDATE_RET( cond ) \
69 MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_ECP_BAD_INPUT_DATA )
70#define ECJPAKE_VALIDATE( cond ) \
71 MBEDTLS_INTERNAL_VALIDATE( cond )
76static const char *
const ecjpake_id[] = {
81#define ID_MINE ( ecjpake_id[ ctx->role ] )
82#define ID_PEER ( ecjpake_id[ 1 - ctx->role ] )
89 ECJPAKE_VALIDATE(
ctx !=
NULL );
135 const unsigned char *
secret,
140 ECJPAKE_VALIDATE_RET(
ctx !=
NULL );
166 ECJPAKE_VALIDATE_RET(
ctx !=
NULL );
181static int ecjpake_write_len_point(
unsigned char **
p,
182 const unsigned char *
end,
199 (*p)[0] = (
unsigned char)( (
len >> 24 ) & 0xFF );
200 (*p)[1] = (
unsigned char)( (
len >> 16 ) & 0xFF );
201 (*p)[2] = (
unsigned char)( (
len >> 8 ) & 0xFF );
202 (*p)[3] = (
unsigned char)( (
len ) & 0xFF );
213#define ECJPAKE_HASH_BUF_LEN ( 3 * ( 4 + MBEDTLS_ECP_MAX_PT_LEN ) + 4 + 6 )
228 unsigned char buf[ECJPAKE_HASH_BUF_LEN];
229 unsigned char *
p =
buf;
230 const unsigned char *
end =
buf +
sizeof(
buf );
231 const size_t id_len =
strlen(
id );
242 *
p++ = (
unsigned char)( ( id_len >> 24 ) & 0xFF );
243 *
p++ = (
unsigned char)( ( id_len >> 16 ) & 0xFF );
244 *
p++ = (
unsigned char)( ( id_len >> 8 ) & 0xFF );
245 *
p++ = (
unsigned char)( ( id_len ) & 0xFF );
247 if(
end <
p || (
size_t)(
end -
p ) < id_len )
274 const unsigned char **
p,
275 const unsigned char *
end )
298 if(
end < *
p || (
size_t)(
end - *
p ) < 1 )
306 if(
end < *
p || (
size_t)(
end - *
p ) < r_len )
320 &VV, &
h,
X, &
r,
G ) );
348 const unsigned char *
end,
349 int (*f_rng)(
void *,
unsigned char *,
size_t),
367 G, &
v, &
V, f_rng, p_rng ) );
385 *(*p)++ = (
unsigned char)(
len & 0xFF );
407 const unsigned char **
p,
408 const unsigned char *
end )
446 const unsigned char *
end,
447 int (*f_rng)(
void *,
unsigned char *,
size_t),
465 p,
end, f_rng, p_rng ) );
482 const unsigned char *
buf,
486 const unsigned char *
p =
buf;
520 int (*f_rng)(
void *,
unsigned char *,
size_t),
524 unsigned char *
p =
buf;
528 &
p,
end, f_rng, p_rng ) );
530 &
p,
end, f_rng, p_rng ) );
542 const unsigned char *
buf,
545 ECJPAKE_VALIDATE_RET(
ctx !=
NULL );
546 ECJPAKE_VALIDATE_RET(
buf !=
NULL );
548 return( ecjpake_kkpp_read(
ctx->md_info, &
ctx->grp,
ctx->point_format,
550 &
ctx->Xp1, &
ctx->Xp2, ID_PEER,
558 unsigned char *
buf,
size_t len,
size_t *olen,
559 int (*f_rng)(
void *,
unsigned char *,
size_t),
562 ECJPAKE_VALIDATE_RET(
ctx !=
NULL );
563 ECJPAKE_VALIDATE_RET(
buf !=
NULL );
564 ECJPAKE_VALIDATE_RET( olen !=
NULL );
565 ECJPAKE_VALIDATE_RET( f_rng !=
NULL );
567 return( ecjpake_kkpp_write(
ctx->md_info, &
ctx->grp,
ctx->point_format,
570 ID_MINE,
buf,
len, olen, f_rng, p_rng ) );
600 const unsigned char *
buf,
604 const unsigned char *
p =
buf;
609 ECJPAKE_VALIDATE_RET(
ctx !=
NULL );
610 ECJPAKE_VALIDATE_RET(
buf !=
NULL );
633 if( grp.
id !=
ctx->grp.id )
664 int (*f_rng)(
void *,
unsigned char *,
size_t),
692 unsigned char *
buf,
size_t len,
size_t *olen,
693 int (*f_rng)(
void *,
unsigned char *,
size_t),
700 unsigned char *
p =
buf;
704 ECJPAKE_VALIDATE_RET(
ctx !=
NULL );
705 ECJPAKE_VALIDATE_RET(
buf !=
NULL );
706 ECJPAKE_VALIDATE_RET( olen !=
NULL );
707 ECJPAKE_VALIDATE_RET( f_rng !=
NULL );
723 &
ctx->grp.N, f_rng, p_rng ) );
752 ctx->point_format, &ec_len,
p,
end -
p ) );
757 &
G, &xm, &
Xm, ID_MINE,
758 &
p,
end, f_rng, p_rng ) );
774 unsigned char *
buf,
size_t len,
size_t *olen,
775 int (*f_rng)(
void *,
unsigned char *,
size_t),
784 ECJPAKE_VALIDATE_RET(
ctx !=
NULL );
785 ECJPAKE_VALIDATE_RET(
buf !=
NULL );
786 ECJPAKE_VALIDATE_RET( olen !=
NULL );
787 ECJPAKE_VALIDATE_RET( f_rng !=
NULL );
805 &
ctx->grp.N, f_rng, p_rng ) );
808 &m_xm2_s, &
ctx->Xp2 ) );
813 x_bytes = (
ctx->grp.pbits + 7 ) / 8;
830#if defined(MBEDTLS_SELF_TEST)
832#if defined(MBEDTLS_PLATFORM_C)
836#define mbedtls_printf printf
839#if !defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) || \
840 !defined(MBEDTLS_SHA256_C)
841int mbedtls_ecjpake_self_test(
int verbose )
848static const unsigned char ecjpake_test_password[] = {
849 0x74, 0x68, 0x72, 0x65, 0x61, 0x64, 0x6a, 0x70, 0x61, 0x6b, 0x65, 0x74,
853#if !defined(MBEDTLS_ECJPAKE_ALT)
855static const unsigned char ecjpake_test_x1[] = {
856 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c,
857 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
858 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x21
861static const unsigned char ecjpake_test_x2[] = {
862 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b, 0x6c,
863 0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77, 0x78,
864 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f, 0x81
867static const unsigned char ecjpake_test_x3[] = {
868 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b, 0x6c,
869 0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77, 0x78,
870 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f, 0x81
873static const unsigned char ecjpake_test_x4[] = {
874 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, 0xc8, 0xc9, 0xca, 0xcb, 0xcc,
875 0xcd, 0xce, 0xcf, 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7, 0xd8,
876 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf, 0xe1
879static const unsigned char ecjpake_test_cli_one[] = {
880 0x41, 0x04, 0xac, 0xcf, 0x01, 0x06, 0xef, 0x85, 0x8f, 0xa2, 0xd9, 0x19,
881 0x33, 0x13, 0x46, 0x80, 0x5a, 0x78, 0xb5, 0x8b, 0xba, 0xd0, 0xb8, 0x44,
882 0xe5, 0xc7, 0x89, 0x28, 0x79, 0x14, 0x61, 0x87, 0xdd, 0x26, 0x66, 0xad,
883 0xa7, 0x81, 0xbb, 0x7f, 0x11, 0x13, 0x72, 0x25, 0x1a, 0x89, 0x10, 0x62,
884 0x1f, 0x63, 0x4d, 0xf1, 0x28, 0xac, 0x48, 0xe3, 0x81, 0xfd, 0x6e, 0xf9,
885 0x06, 0x07, 0x31, 0xf6, 0x94, 0xa4, 0x41, 0x04, 0x1d, 0xd0, 0xbd, 0x5d,
886 0x45, 0x66, 0xc9, 0xbe, 0xd9, 0xce, 0x7d, 0xe7, 0x01, 0xb5, 0xe8, 0x2e,
887 0x08, 0xe8, 0x4b, 0x73, 0x04, 0x66, 0x01, 0x8a, 0xb9, 0x03, 0xc7, 0x9e,
888 0xb9, 0x82, 0x17, 0x22, 0x36, 0xc0, 0xc1, 0x72, 0x8a, 0xe4, 0xbf, 0x73,
889 0x61, 0x0d, 0x34, 0xde, 0x44, 0x24, 0x6e, 0xf3, 0xd9, 0xc0, 0x5a, 0x22,
890 0x36, 0xfb, 0x66, 0xa6, 0x58, 0x3d, 0x74, 0x49, 0x30, 0x8b, 0xab, 0xce,
891 0x20, 0x72, 0xfe, 0x16, 0x66, 0x29, 0x92, 0xe9, 0x23, 0x5c, 0x25, 0x00,
892 0x2f, 0x11, 0xb1, 0x50, 0x87, 0xb8, 0x27, 0x38, 0xe0, 0x3c, 0x94, 0x5b,
893 0xf7, 0xa2, 0x99, 0x5d, 0xda, 0x1e, 0x98, 0x34, 0x58, 0x41, 0x04, 0x7e,
894 0xa6, 0xe3, 0xa4, 0x48, 0x70, 0x37, 0xa9, 0xe0, 0xdb, 0xd7, 0x92, 0x62,
895 0xb2, 0xcc, 0x27, 0x3e, 0x77, 0x99, 0x30, 0xfc, 0x18, 0x40, 0x9a, 0xc5,
896 0x36, 0x1c, 0x5f, 0xe6, 0x69, 0xd7, 0x02, 0xe1, 0x47, 0x79, 0x0a, 0xeb,
897 0x4c, 0xe7, 0xfd, 0x65, 0x75, 0xab, 0x0f, 0x6c, 0x7f, 0xd1, 0xc3, 0x35,
898 0x93, 0x9a, 0xa8, 0x63, 0xba, 0x37, 0xec, 0x91, 0xb7, 0xe3, 0x2b, 0xb0,
899 0x13, 0xbb, 0x2b, 0x41, 0x04, 0xa4, 0x95, 0x58, 0xd3, 0x2e, 0xd1, 0xeb,
900 0xfc, 0x18, 0x16, 0xaf, 0x4f, 0xf0, 0x9b, 0x55, 0xfc, 0xb4, 0xca, 0x47,
901 0xb2, 0xa0, 0x2d, 0x1e, 0x7c, 0xaf, 0x11, 0x79, 0xea, 0x3f, 0xe1, 0x39,
902 0x5b, 0x22, 0xb8, 0x61, 0x96, 0x40, 0x16, 0xfa, 0xba, 0xf7, 0x2c, 0x97,
903 0x56, 0x95, 0xd9, 0x3d, 0x4d, 0xf0, 0xe5, 0x19, 0x7f, 0xe9, 0xf0, 0x40,
904 0x63, 0x4e, 0xd5, 0x97, 0x64, 0x93, 0x77, 0x87, 0xbe, 0x20, 0xbc, 0x4d,
905 0xee, 0xbb, 0xf9, 0xb8, 0xd6, 0x0a, 0x33, 0x5f, 0x04, 0x6c, 0xa3, 0xaa,
906 0x94, 0x1e, 0x45, 0x86, 0x4c, 0x7c, 0xad, 0xef, 0x9c, 0xf7, 0x5b, 0x3d,
907 0x8b, 0x01, 0x0e, 0x44, 0x3e, 0xf0
910static const unsigned char ecjpake_test_srv_one[] = {
911 0x41, 0x04, 0x7e, 0xa6, 0xe3, 0xa4, 0x48, 0x70, 0x37, 0xa9, 0xe0, 0xdb,
912 0xd7, 0x92, 0x62, 0xb2, 0xcc, 0x27, 0x3e, 0x77, 0x99, 0x30, 0xfc, 0x18,
913 0x40, 0x9a, 0xc5, 0x36, 0x1c, 0x5f, 0xe6, 0x69, 0xd7, 0x02, 0xe1, 0x47,
914 0x79, 0x0a, 0xeb, 0x4c, 0xe7, 0xfd, 0x65, 0x75, 0xab, 0x0f, 0x6c, 0x7f,
915 0xd1, 0xc3, 0x35, 0x93, 0x9a, 0xa8, 0x63, 0xba, 0x37, 0xec, 0x91, 0xb7,
916 0xe3, 0x2b, 0xb0, 0x13, 0xbb, 0x2b, 0x41, 0x04, 0x09, 0xf8, 0x5b, 0x3d,
917 0x20, 0xeb, 0xd7, 0x88, 0x5c, 0xe4, 0x64, 0xc0, 0x8d, 0x05, 0x6d, 0x64,
918 0x28, 0xfe, 0x4d, 0xd9, 0x28, 0x7a, 0xa3, 0x65, 0xf1, 0x31, 0xf4, 0x36,
919 0x0f, 0xf3, 0x86, 0xd8, 0x46, 0x89, 0x8b, 0xc4, 0xb4, 0x15, 0x83, 0xc2,
920 0xa5, 0x19, 0x7f, 0x65, 0xd7, 0x87, 0x42, 0x74, 0x6c, 0x12, 0xa5, 0xec,
921 0x0a, 0x4f, 0xfe, 0x2f, 0x27, 0x0a, 0x75, 0x0a, 0x1d, 0x8f, 0xb5, 0x16,
922 0x20, 0x93, 0x4d, 0x74, 0xeb, 0x43, 0xe5, 0x4d, 0xf4, 0x24, 0xfd, 0x96,
923 0x30, 0x6c, 0x01, 0x17, 0xbf, 0x13, 0x1a, 0xfa, 0xbf, 0x90, 0xa9, 0xd3,
924 0x3d, 0x11, 0x98, 0xd9, 0x05, 0x19, 0x37, 0x35, 0x14, 0x41, 0x04, 0x19,
925 0x0a, 0x07, 0x70, 0x0f, 0xfa, 0x4b, 0xe6, 0xae, 0x1d, 0x79, 0xee, 0x0f,
926 0x06, 0xae, 0xb5, 0x44, 0xcd, 0x5a, 0xdd, 0xaa, 0xbe, 0xdf, 0x70, 0xf8,
927 0x62, 0x33, 0x21, 0x33, 0x2c, 0x54, 0xf3, 0x55, 0xf0, 0xfb, 0xfe, 0xc7,
928 0x83, 0xed, 0x35, 0x9e, 0x5d, 0x0b, 0xf7, 0x37, 0x7a, 0x0f, 0xc4, 0xea,
929 0x7a, 0xce, 0x47, 0x3c, 0x9c, 0x11, 0x2b, 0x41, 0xcc, 0xd4, 0x1a, 0xc5,
930 0x6a, 0x56, 0x12, 0x41, 0x04, 0x36, 0x0a, 0x1c, 0xea, 0x33, 0xfc, 0xe6,
931 0x41, 0x15, 0x64, 0x58, 0xe0, 0xa4, 0xea, 0xc2, 0x19, 0xe9, 0x68, 0x31,
932 0xe6, 0xae, 0xbc, 0x88, 0xb3, 0xf3, 0x75, 0x2f, 0x93, 0xa0, 0x28, 0x1d,
933 0x1b, 0xf1, 0xfb, 0x10, 0x60, 0x51, 0xdb, 0x96, 0x94, 0xa8, 0xd6, 0xe8,
934 0x62, 0xa5, 0xef, 0x13, 0x24, 0xa3, 0xd9, 0xe2, 0x78, 0x94, 0xf1, 0xee,
935 0x4f, 0x7c, 0x59, 0x19, 0x99, 0x65, 0xa8, 0xdd, 0x4a, 0x20, 0x91, 0x84,
936 0x7d, 0x2d, 0x22, 0xdf, 0x3e, 0xe5, 0x5f, 0xaa, 0x2a, 0x3f, 0xb3, 0x3f,
937 0xd2, 0xd1, 0xe0, 0x55, 0xa0, 0x7a, 0x7c, 0x61, 0xec, 0xfb, 0x8d, 0x80,
938 0xec, 0x00, 0xc2, 0xc9, 0xeb, 0x12
941static const unsigned char ecjpake_test_srv_two[] = {
942 0x03, 0x00, 0x17, 0x41, 0x04, 0x0f, 0xb2, 0x2b, 0x1d, 0x5d, 0x11, 0x23,
943 0xe0, 0xef, 0x9f, 0xeb, 0x9d, 0x8a, 0x2e, 0x59, 0x0a, 0x1f, 0x4d, 0x7c,
944 0xed, 0x2c, 0x2b, 0x06, 0x58, 0x6e, 0x8f, 0x2a, 0x16, 0xd4, 0xeb, 0x2f,
945 0xda, 0x43, 0x28, 0xa2, 0x0b, 0x07, 0xd8, 0xfd, 0x66, 0x76, 0x54, 0xca,
946 0x18, 0xc5, 0x4e, 0x32, 0xa3, 0x33, 0xa0, 0x84, 0x54, 0x51, 0xe9, 0x26,
947 0xee, 0x88, 0x04, 0xfd, 0x7a, 0xf0, 0xaa, 0xa7, 0xa6, 0x41, 0x04, 0x55,
948 0x16, 0xea, 0x3e, 0x54, 0xa0, 0xd5, 0xd8, 0xb2, 0xce, 0x78, 0x6b, 0x38,
949 0xd3, 0x83, 0x37, 0x00, 0x29, 0xa5, 0xdb, 0xe4, 0x45, 0x9c, 0x9d, 0xd6,
950 0x01, 0xb4, 0x08, 0xa2, 0x4a, 0xe6, 0x46, 0x5c, 0x8a, 0xc9, 0x05, 0xb9,
951 0xeb, 0x03, 0xb5, 0xd3, 0x69, 0x1c, 0x13, 0x9e, 0xf8, 0x3f, 0x1c, 0xd4,
952 0x20, 0x0f, 0x6c, 0x9c, 0xd4, 0xec, 0x39, 0x22, 0x18, 0xa5, 0x9e, 0xd2,
953 0x43, 0xd3, 0xc8, 0x20, 0xff, 0x72, 0x4a, 0x9a, 0x70, 0xb8, 0x8c, 0xb8,
954 0x6f, 0x20, 0xb4, 0x34, 0xc6, 0x86, 0x5a, 0xa1, 0xcd, 0x79, 0x06, 0xdd,
955 0x7c, 0x9b, 0xce, 0x35, 0x25, 0xf5, 0x08, 0x27, 0x6f, 0x26, 0x83, 0x6c
958static const unsigned char ecjpake_test_cli_two[] = {
959 0x41, 0x04, 0x69, 0xd5, 0x4e, 0xe8, 0x5e, 0x90, 0xce, 0x3f, 0x12, 0x46,
960 0x74, 0x2d, 0xe5, 0x07, 0xe9, 0x39, 0xe8, 0x1d, 0x1d, 0xc1, 0xc5, 0xcb,
961 0x98, 0x8b, 0x58, 0xc3, 0x10, 0xc9, 0xfd, 0xd9, 0x52, 0x4d, 0x93, 0x72,
962 0x0b, 0x45, 0x54, 0x1c, 0x83, 0xee, 0x88, 0x41, 0x19, 0x1d, 0xa7, 0xce,
963 0xd8, 0x6e, 0x33, 0x12, 0xd4, 0x36, 0x23, 0xc1, 0xd6, 0x3e, 0x74, 0x98,
964 0x9a, 0xba, 0x4a, 0xff, 0xd1, 0xee, 0x41, 0x04, 0x07, 0x7e, 0x8c, 0x31,
965 0xe2, 0x0e, 0x6b, 0xed, 0xb7, 0x60, 0xc1, 0x35, 0x93, 0xe6, 0x9f, 0x15,
966 0xbe, 0x85, 0xc2, 0x7d, 0x68, 0xcd, 0x09, 0xcc, 0xb8, 0xc4, 0x18, 0x36,
967 0x08, 0x91, 0x7c, 0x5c, 0x3d, 0x40, 0x9f, 0xac, 0x39, 0xfe, 0xfe, 0xe8,
968 0x2f, 0x72, 0x92, 0xd3, 0x6f, 0x0d, 0x23, 0xe0, 0x55, 0x91, 0x3f, 0x45,
969 0xa5, 0x2b, 0x85, 0xdd, 0x8a, 0x20, 0x52, 0xe9, 0xe1, 0x29, 0xbb, 0x4d,
970 0x20, 0x0f, 0x01, 0x1f, 0x19, 0x48, 0x35, 0x35, 0xa6, 0xe8, 0x9a, 0x58,
971 0x0c, 0x9b, 0x00, 0x03, 0xba, 0xf2, 0x14, 0x62, 0xec, 0xe9, 0x1a, 0x82,
972 0xcc, 0x38, 0xdb, 0xdc, 0xae, 0x60, 0xd9, 0xc5, 0x4c
975static const unsigned char ecjpake_test_pms[] = {
976 0xf3, 0xd4, 0x7f, 0x59, 0x98, 0x44, 0xdb, 0x92, 0xa5, 0x69, 0xbb, 0xe7,
977 0x98, 0x1e, 0x39, 0xd9, 0x31, 0xfd, 0x74, 0x3b, 0xf2, 0x2e, 0x98, 0xf9,
978 0xb4, 0x38, 0xf7, 0x19, 0xd3, 0xc4, 0xf3, 0x51
983 const unsigned char *xm1,
size_t len1,
984 const unsigned char *xm2,
size_t len2 )
1003static int ecjpake_lgc(
void *
p,
unsigned char *
out,
size_t len )
1010 size_t use_len =
len > 4 ? 4 :
len;
1011 x = 1664525 *
x + 1013904223;
1020#define TEST_ASSERT( x ) \
1034int mbedtls_ecjpake_self_test(
int verbose )
1039 unsigned char buf[512], pms[32];
1050 ecjpake_test_password,
1051 sizeof( ecjpake_test_password ) ) == 0 );
1055 ecjpake_test_password,
1056 sizeof( ecjpake_test_password ) ) == 0 );
1080 pms,
sizeof( pms ), &pmslen, ecjpake_lgc,
NULL ) == 0 );
1096#if !defined(MBEDTLS_ECJPAKE_ALT)
1107 ecjpake_test_x1,
sizeof( ecjpake_test_x1 ),
1108 ecjpake_test_x2,
sizeof( ecjpake_test_x2 ) ) );
1111 ecjpake_test_x3,
sizeof( ecjpake_test_x3 ),
1112 ecjpake_test_x4,
sizeof( ecjpake_test_x4 ) ) );
1116 ecjpake_test_cli_one,
1117 sizeof( ecjpake_test_cli_one ) ) == 0 );
1120 ecjpake_test_srv_one,
1121 sizeof( ecjpake_test_srv_one ) ) == 0 );
1125 ecjpake_test_srv_two,
1126 sizeof( ecjpake_test_srv_two ) ) == 0 );
1129 ecjpake_test_cli_two,
1130 sizeof( ecjpake_test_cli_two ) ) == 0 );
int memcmp(void *Buffer1, void *Buffer2, ACPI_SIZE Count)
ACPI_SIZE strlen(const char *String)
int mbedtls_mpi_sub_mpi(mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B)
Perform a signed subtraction of MPIs: X = A - B.
size_t mbedtls_mpi_size(const mbedtls_mpi *X)
Return the total size of an MPI value in bytes.
int mbedtls_mpi_add_mpi(mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B)
Perform a signed addition of MPIs: X = A + B.
int mbedtls_mpi_lset(mbedtls_mpi *X, mbedtls_mpi_sint z)
Store integer value in MPI.
int mbedtls_mpi_read_binary(mbedtls_mpi *X, const unsigned char *buf, size_t buflen)
Import an MPI from unsigned big endian binary data.
int mbedtls_mpi_mod_mpi(mbedtls_mpi *R, const mbedtls_mpi *A, const mbedtls_mpi *B)
Perform a modular reduction. R = A mod B.
int mbedtls_mpi_fill_random(mbedtls_mpi *X, size_t size, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Fill an MPI with a number of random bytes.
void mbedtls_mpi_init(mbedtls_mpi *X)
Initialize an MPI context.
int mbedtls_mpi_mul_mpi(mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B)
Perform a multiplication of two MPIs: X = A * B.
#define MBEDTLS_MPI_CHK(f)
void mbedtls_mpi_free(mbedtls_mpi *X)
This function frees the components of an MPI context.
int mbedtls_mpi_write_binary(const mbedtls_mpi *X, unsigned char *buf, size_t buflen)
Export an MPI into unsigned big endian binary data of fixed size.
#define G(r, i, a, b, c, d)
static void cleanup(void)
int mbedtls_ecjpake_read_round_two(mbedtls_ecjpake_context *ctx, const unsigned char *buf, size_t len)
Read and process the second round message (TLS: contents of the Client/ServerKeyExchange).
int mbedtls_ecjpake_write_round_one(mbedtls_ecjpake_context *ctx, unsigned char *buf, size_t len, size_t *olen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Generate and write the first round message (TLS: contents of the Client/ServerHello extension,...
int mbedtls_ecjpake_setup(mbedtls_ecjpake_context *ctx, mbedtls_ecjpake_role role, mbedtls_md_type_t hash, mbedtls_ecp_group_id curve, const unsigned char *secret, size_t len)
Set up an ECJPAKE context for use.
void mbedtls_ecjpake_init(mbedtls_ecjpake_context *ctx)
Initialize an ECJPAKE context.
int mbedtls_ecjpake_write_round_two(mbedtls_ecjpake_context *ctx, unsigned char *buf, size_t len, size_t *olen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Generate and write the second round message (TLS: contents of the Client/ServerKeyExchange).
int mbedtls_ecjpake_derive_secret(mbedtls_ecjpake_context *ctx, unsigned char *buf, size_t len, size_t *olen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Derive the shared secret (TLS: Pre-Master Secret).
int mbedtls_ecjpake_check(const mbedtls_ecjpake_context *ctx)
Check if an ECJPAKE context is ready for use.
int mbedtls_ecjpake_read_round_one(mbedtls_ecjpake_context *ctx, const unsigned char *buf, size_t len)
Read and process the first round message (TLS: contents of the Client/ServerHello extension,...
void mbedtls_ecjpake_free(mbedtls_ecjpake_context *ctx)
This clears an ECJPAKE context and frees any embedded data structure.
GLint GLint GLint GLint GLint x
GLdouble GLdouble GLdouble r
GLboolean GLboolean GLboolean b
GLenum GLuint GLenum GLsizei const GLchar * buf
GLfloat GLfloat GLfloat GLfloat h
#define MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE
mbedtls_md_type_t
Supported message digests.
int mbedtls_md(const mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen, unsigned char *output)
This function calculates the message-digest of a buffer, with respect to a configurable message-diges...
#define MBEDTLS_MD_MAX_SIZE
unsigned char mbedtls_md_get_size(const mbedtls_md_info_t *md_info)
This function extracts the message-digest size from the message-digest information structure.
#define memcpy(s1, s2, n)
static DATA_BLOB CRYPTPROTECT_PROMPTSTRUCT DATA_BLOB *static LPWSTR DATA_BLOB CRYPTPROTECT_PROMPTSTRUCT DATA_BLOB *static char secret[]
#define mbedtls_md_info_from_type
Configuration options (set of defines)
#define MBEDTLS_ECP_PF_UNCOMPRESSED
int mbedtls_ecp_muladd(mbedtls_ecp_group *grp, mbedtls_ecp_point *R, const mbedtls_mpi *m, const mbedtls_ecp_point *P, const mbedtls_mpi *n, const mbedtls_ecp_point *Q)
This function performs multiplication and addition of two points by integers: R = m * P + n * Q.
int mbedtls_ecp_is_zero(mbedtls_ecp_point *pt)
This function checks if a point is the point at infinity.
#define MBEDTLS_ERR_ECP_INVALID_KEY
int mbedtls_ecp_tls_write_group(const mbedtls_ecp_group *grp, size_t *olen, unsigned char *buf, size_t blen)
This function exports an elliptic curve as a TLS ECParameters record as defined in RFC 4492,...
#define MBEDTLS_ERR_ECP_VERIFY_FAILED
#define MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL
int mbedtls_ecp_mul(mbedtls_ecp_group *grp, mbedtls_ecp_point *R, const mbedtls_mpi *m, const mbedtls_ecp_point *P, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
This function performs a scalar multiplication of a point by an integer: R = m * P.
void mbedtls_ecp_group_init(mbedtls_ecp_group *grp)
This function initializes an ECP group context without loading any domain parameters.
int mbedtls_ecp_gen_keypair_base(mbedtls_ecp_group *grp, const mbedtls_ecp_point *G, mbedtls_mpi *d, mbedtls_ecp_point *Q, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
This function generates a keypair with a configurable base point.
int mbedtls_ecp_point_cmp(const mbedtls_ecp_point *P, const mbedtls_ecp_point *Q)
This function compares two points.
int mbedtls_ecp_group_load(mbedtls_ecp_group *grp, mbedtls_ecp_group_id id)
This function sets up an ECP group context from a standardized set of domain parameters.
void mbedtls_ecp_point_free(mbedtls_ecp_point *pt)
This function frees the components of a point.
int mbedtls_ecp_tls_read_point(const mbedtls_ecp_group *grp, mbedtls_ecp_point *pt, const unsigned char **buf, size_t len)
This function imports a point from a TLS ECPoint record.
void mbedtls_ecp_group_free(mbedtls_ecp_group *grp)
This function frees the components of an ECP group.
#define MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE
int mbedtls_ecp_tls_write_point(const mbedtls_ecp_group *grp, const mbedtls_ecp_point *pt, int format, size_t *olen, unsigned char *buf, size_t blen)
This function exports a point as a TLS ECPoint record defined in RFC 4492, Section 5....
#define MBEDTLS_ECP_MAX_BYTES
#define MBEDTLS_ERR_ECP_BAD_INPUT_DATA
int mbedtls_ecp_tls_read_group(mbedtls_ecp_group *grp, const unsigned char **buf, size_t len)
This function sets up an ECP group context from a TLS ECParameters record as defined in RFC 4492,...
void mbedtls_ecp_point_init(mbedtls_ecp_point *pt)
This function initializes a point as zero.
@ MBEDTLS_ECP_DP_SECP256R1
int mbedtls_ecp_point_write_binary(const mbedtls_ecp_group *grp, const mbedtls_ecp_point *P, int format, size_t *olen, unsigned char *buf, size_t buflen)
This function exports a point into unsigned binary data.
The ECP point structure, in Jacobian coordinates.